Yasna | Cybersecurity news, filtered

The Hacker News 5 days, 10 hours ago

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability

More from The Hacker News 30 May 2026, 2:39 a.m. Incident · 4 stories Actively exploited CVE-2026-39987 CVE Cloud Compromise Credentials Disclosure Exploit Initial Access Threat Actor Vulnerability

Bleeping Computer 6 days, 7 hours ago

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. [...]

More from Bleeping Computer 29 May 2026, 5:25 a.m. Incident · 10 stories Actively exploited CVE-2026-35616 Authentication Bypass CVE Credentials Exploit Flaw Malware Vulnerability

Bleeping Computer 1 month, 4 weeks ago

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. [...]

More from Bleeping Computer 6 Apr 2026, 2:17 a.m. Incident · 2 stories Actively exploited CVE-2025-55182 Automation CVE Credentials Exploit Theft Vulnerability

The Hacker News 2 months ago

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale

More from The Hacker News 3 Apr 2026, 8:30 a.m. Actively exploited CVE-2025-55182 API Amazon Amazon Web Services Breach CVE Cisco Credentials Database Exploit Github Infection SSH Theft Vulnerability

The Hacker News 3 months, 2 weeks ago

Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG)

More from The Hacker News 18 Feb 2026, 11:32 p.m. Actively exploited CVE-2026-22769 0-Day CVE China Credentials Dell Google Report Vulnerability

The Hacker News 1 year, 1 month ago

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild

More from The Hacker News 18 Apr 2025, 4:29 p.m. Actively exploited CVE-2025-24054 America CISA CVE Credentials Disclosure Flaw Microsoft NTLM Vulnerability

Bleeping Computer 1 year, 7 months ago

Fortinet warns of new critical FortiManager flaw used in zero-day attacks

Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices. [...]

More from Bleeping Computer 24 Oct 2024, 4:05 a.m. Actively exploited CVE-2024-47575 0-Day API Artificial Intelligence CVE Credentials Critical Disclosure Flaw Fortinet Theft Vulnerability Warning

Bleeping Computer 2 years, 1 month ago

Palo Alto Networks zero-day exploited since March to backdoor firewalls

Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. [...]

More from Bleeping Computer 14 Apr 2024, 12:35 a.m. Actively exploited CVE-2024-3400 0-Day Backdoor Breach CVE Compromise Credentials Firewalls Nation State Palo Alto Networks Theft Vulnerability

Bleeping Computer 2 years, 6 months ago

Hackers start exploiting critical ownCloud flaw, patch now

Hackers are exploiting a critical ownCloud vulnerability tracked as CVE-2023-49103 that exposes admin passwords, mail server credentials, and license keys in containerized deployments. [...]

More from Bleeping Computer 29 Nov 2023, 5:14 a.m. Actively exploited CVE-2023-49103 CVE Credentials Critical Flaw Passwords Patch Vulnerability

Bleeping Computer 3 years, 10 months ago

CISA warns of critical Confluence bug exploited in attacks

CISA has added a critical Confluence vulnerability tracked as CVE-2022-26138 to its list of bugs abused in the wild, a flaw that can provide remote attackers with hardcoded credentials following successful exploitation. [...]

More from Bleeping Computer 30 Jul 2022, 5:08 a.m. Actively exploited CVE-2022-26138 CISA CVE Credentials Critical Flaw Vulnerability Warning

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available